Proving Grounds: Twiggy write-up

Twiggy was another easy box from Proving Grounds. If you've read the write-up on Bratarina then Twiggy follows a very similar methodology; by which I mean it's one step to root by executing a pre-compiled exploit on an unusual port. Enumeration As always we start with AutoRecon and check out the nmap. _quick_nmap Looks like … Continue reading Proving Grounds: Twiggy write-up

Proving Grounds: Bratarina write-up

Bratarina Bratarina from Offensive Security's Proving Grounds is a very easy box to hack as there is no privilege escalation and root access is obtained with just one command using a premade exploit. The hardest part is finding the correct exploit as there are a few rabbit holes to avoid. Enumeration The first step always … Continue reading Proving Grounds: Bratarina write-up

Hack The Box: Delivery write-up

Introduction Delivery is an easy, Linux box made by Ippsec and hosted on Hack The Box. Hacking Delivery requires little technical knowledge or reliance on tools, which makes it great for beginners. Hacking in requires: Exploiting logic errors;MySQL enumeration; andHashcat. Enumeration Whilst I started this box with my usual AutoRecon and Nmap scans, I actually … Continue reading Hack The Box: Delivery write-up

Hack The Box: Bank write-up

Introduction This is a write-up of the Bank box from Hack The Box. Bank is an easy Linux box, and hacking it requires: Text searching and manipulation;MySQL enumeration; andSUID knowledge. Note before - unfortunately this box also requires some guesswork, or assumed knowledge. This is unfortunate as, despite being ranked as an easy box, it … Continue reading Hack The Box: Bank write-up